Microsoft
Software
Hardware
Network
Question : How to delete a user certicate with a batch file?
OK..I have a situation where over half of the client PC's certificates expired on 2/25/08. So if I open the
1. MMC
2. Add the snap-in for certificates
3. Under the certificates go to the 'Personal' folder
This is where I find the expired certificate. I have an automated file I can run which is a .bat file that will add a new certificate to the PC. This issue there are then two certificates the old 2/25/08 & the new 3/3/09 certificates are both showing. We cannot authenticate specific apps that require a certificate when both are there. If I open the MMC and delete the old certificate, it all works just fine.
Is there a command string or code I can add to a .bat file to delete all user certificates under the 'Personal' folder of the MMC? Even if it is a .vbs that will work and I can call it from the .bat file. This way I can add a new certificate leaving only one.
Help - Thanks in Advance
Answer : How to delete a user certicate with a batch file?
It looks like your best bet would be to download a Microsoft program named
certutil.exe
as described here:
Certutil
http://technet2.microsoft.
com/window
sserver/en
/library/
a
3d5dbb9-1b
f6-42da-a1
3b-2b220b1
1b6fe1033.
mspx
The command to put in your batch file will probably look something like:
certutil -delstore -user 1
See also:
http://groups.google.com/g
roup/
micro
soft.publi
c.windows.
server.gen
eral/brows
e_thread/t
hread/
c2c5
ccf7b7fa91
c5/b1b8316
63b5b3d55
=--==-=-=-=-
Another MS tool, that comes with the .Net Framework:
Certificate Manager Tool (Certmgr.exe)
http://msdn2.microsoft.com
/en-us/lib
rary/
e78by
ta0(VS.71)
.aspx
also supports command-line options to delete certs
=-=-=-=-=-=-=-=
Another alternative might be to delve into the registry and locate and delete the relevant entry. See
http://msdn2.microsoft.com
/en-us/lib
rary/
aa388
136(VS.85)
.aspx
for locations of system certs. FOr the location of user certs, look into the filesystem:
C:\Documents and Settings\
\Ap
plication Data\Microsoft\SystemCerti
ficates\My
\Certifica
tes
Finally (and this is what I'd do), you could write a short C++ program to use Win32 API functions, and then execute that from your batch file. The API documentation includes plenty of example code for opening a cert store, locating a cert, and deleting it:
CertFindCertificateInStore
Function
http://msdn2.microsoft.com
/en-us/lib
rary/
aa376
064(VS.85)
.aspx
CertDeleteCertificateFromS
tore Function
http://msdn2.microsoft.com
/en-us/lib
rary/
aa376
040(VS.85)
.aspx
Example C Program: Deleting Certificates from a Certificate Store
http://msdn2.microsoft.com
/en-us/lib
rary/
aa382
045(VS.85)
.aspx
=-=-=-=-=-=-=-=
Note: I have NOT personally used any of these techniques, so I suggest caution.
Random Solutions
I have this function, but unable to put results on the form
how to exclude one of the table during imp/exp?
Public member 'String' on type 'String' not found
MSAccess - Remove all forms & tables using VB?
I get a blue screen when I boot my Windows Server 2008
Exchange 2007 OWA
SSO in ISA Server
List of free block lists
Difference between ADP, MDB & SQL
SSIS DYNamic excel connection string in runtime